check file existence before trying to verify apks; use context manager for zips when verifying apk

Michael Pöhn 2017-06-12 01:48:29 +02:00
parent efb0bf6ee5
commit 08627d70a7


@ -2088,8 +2088,8 @@ def metadata_get_sigdir(appid, vercode=None):
def metadata_find_signing_files(appid, vercode): def metadata_find_signing_files(appid, vercode):
"""Gets a list of singed manifests and signatures. """Gets a list of singed manifests and signatures.
:param appid: id string of that app :param appid: app id string
:param vercode: version code of that app :param vercode: app version code
:returns: a list of triplets for each signing key with following paths: :returns: a list of triplets for each signing key with following paths:
(signature_file, singed_file, manifest_file) (signature_file, singed_file, manifest_file)
""" """
@ -2212,7 +2212,13 @@ def verify_apks(signed_apk, unsigned_apk, tmp_dir):
describing what went wrong. describing what went wrong.
""" """
signed = ZipFile(signed_apk, 'r') if not os.path.isfile(signed_apk):
return 'can not verify: file does not exists: {}'.format(signed_apk)
if not os.path.isfile(unsigned_apk):
return 'can not verify: file does not exists: {}'.format(unsigned_apk)
with ZipFile(signed_apk, 'r') as signed:
meta_inf_files = ['META-INF/MANIFEST.MF'] meta_inf_files = ['META-INF/MANIFEST.MF']
for f in signed.namelist(): for f in signed.namelist():
if apk_sigfile.match(f) \ if apk_sigfile.match(f) \
@ -2222,20 +2228,19 @@ def verify_apks(signed_apk, unsigned_apk, tmp_dir):
return "Signature files missing from {0}".format(signed_apk) return "Signature files missing from {0}".format(signed_apk)
tmp_apk = os.path.join(tmp_dir, 'sigcp_' + os.path.basename(unsigned_apk)) tmp_apk = os.path.join(tmp_dir, 'sigcp_' + os.path.basename(unsigned_apk))
unsigned = ZipFile(unsigned_apk, 'r') with ZipFile(unsigned_apk, 'r') as unsigned:
# only read the signature from the signed APK, everything else from unsigned # only read the signature from the signed APK, everything else from unsigned
with ZipFile(tmp_apk, 'w') as tmp: with ZipFile(tmp_apk, 'w') as tmp:
for filename in meta_inf_files: for filename in meta_inf_files:
tmp.writestr(signed.getinfo(filename), signed.read(filename)) tmp.writestr(signed.getinfo(filename), signed.read(filename))
for info in unsigned.infolist(): for info in unsigned.infolist():
if info.filename in meta_inf_files: if info.filename in meta_inf_files:
logging.warning('Ignoring ' + info.filename + ' from ' + unsigned_apk) logging.warning('Ignoring %s from %s',
info.filename, unsigned_apk)
continue continue
if info.filename in tmp.namelist(): if info.filename in tmp.namelist():
return "duplicate filename found: " + info.filename return "duplicate filename found: " + info.filename
tmp.writestr(info, unsigned.read(info.filename)) tmp.writestr(info, unsigned.read(info.filename))
unsigned.close()
signed.close()
verified = verify_apk_signature(tmp_apk) verified = verify_apk_signature(tmp_apk)
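Review bot: The two `os.path.isfile` guards added at the top of `verify_apks` (second hunk) only catch a missing path. A file that exists but is truncated or not a zip archive still makes `ZipFile(signed_apk, 'r')` or `ZipFile(unsigned_apk, 'r')` raise, rather than returning a string "describing what went wrong" as the visible docstring tail says, and the file can also be removed or replaced between the check and the open. Handling the failure where the archives are opened would cover all of these cases in one place, for example by wrapping the `with ZipFile(...)` blocks in a `try` ending in `except (OSError, BadZipFile) as e: return 'can not verify: {}'.format(e)`. `BadZipFile` would need to be imported from `zipfile`; the file's import block is not visible on this page, so confirm what is already in scope. Separately, the `return "duplicate filename found: "` inside `with ZipFile(tmp_apk, 'w')` still leaves a partly written `sigcp_` file in `tmp_dir`, which callers should not mistake for a verified artifact.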